rpm package

suse/ImageMagick&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP2

pkg:rpm/suse/ImageMagick&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2

Vulnerabilities (275)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2017-7606	Med	6.5	< 6.8.8.1-70.1	6.8.8.1-70.1	Apr 9, 2017	coders/rle.c in ImageMagick 7.0.5-4 has an "outside the range of representable values of type unsigned char" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image
CVE-2017-5511	Cri	9.8	< 6.8.8.1-59.1	6.8.8.1-59.1	Mar 24, 2017	coders/psd.c in ImageMagick allows remote attackers to have unspecified impact by leveraging an improper cast, which triggers a heap-based buffer overflow.
CVE-2017-5510	Hig	7.8	< 6.8.8.1-59.1	6.8.8.1-59.1	Mar 24, 2017	coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds write.
CVE-2017-5508	Med	5.5	< 6.8.8.1-59.1	6.8.8.1-59.1	Mar 24, 2017	Heap-based buffer overflow in the PushQuantumPixel function in ImageMagick before 6.9.7-3 and 7.x before 7.0.4-3 allows remote attackers to cause a denial of service (application crash) via a crafted TIFF file.
CVE-2017-5507	Hig	7.5	< 6.8.8.1-59.1	6.8.8.1-59.1	Mar 24, 2017	Memory leak in coders/mpc.c in ImageMagick before 6.9.7-4 and 7.x before 7.0.4-4 allows remote attackers to cause a denial of service (memory consumption) via vectors involving a pixel cache.
CVE-2017-5506	Hig	7.8	< 6.8.8.1-59.1	6.8.8.1-59.1	Mar 24, 2017	Double free vulnerability in magick/profile.c in ImageMagick allows remote attackers to have unspecified impact via a crafted file.
CVE-2016-10146	Hig	7.5	< 6.8.8.1-59.1	6.8.8.1-59.1	Mar 24, 2017	Multiple memory leaks in the caption and label handling code in ImageMagick allow remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
CVE-2016-10145	Cri	9.8	< 6.8.8.1-59.1	6.8.8.1-59.1	Mar 24, 2017	Off-by-one error in coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via vectors related to a string copy.
CVE-2016-10144	Cri	9.8	< 6.8.8.1-59.1	6.8.8.1-59.1	Mar 24, 2017	coders/ipl.c in ImageMagick allows remote attackers to have unspecific impact by leveraging a missing malloc check.
CVE-2016-9556	Med	5.5	< 6.8.8.1-54.1	6.8.8.1-54.1	Mar 23, 2017	The IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3-8 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted image file.
CVE-2016-10059	Hig	7.8	< 6.8.8.1-59.1	6.8.8.1-59.1	Mar 23, 2017	Buffer overflow in coders/tiff.c in ImageMagick before 6.9.4-1 allows remote attackers to cause a denial of service (application crash) or have unspecified other impact via a crafted TIFF file.
CVE-2016-10052	Hig	7.8	< 6.8.8.1-59.1	6.8.8.1-59.1	Mar 23, 2017	Buffer overflow in the WriteProfile function in coders/jpeg.c in ImageMagick before 6.9.5-6 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
CVE-2016-10051	Hig	7.8	< 6.8.8.1-59.1	6.8.8.1-59.1	Mar 23, 2017	Use-after-free vulnerability in the ReadPWPImage function in coders/pwp.c in ImageMagick 6.9.5-5 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
CVE-2016-10050	Hig	7.8	< 6.8.8.1-59.1	6.8.8.1-59.1	Mar 23, 2017	Heap-based buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.9.4-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted RLE file.
CVE-2016-10049	Hig	7.8	< 6.8.8.1-59.1	6.8.8.1-59.1	Mar 23, 2017	Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick before 6.9.4-4 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted RLE file.
CVE-2016-10048	Hig	7.5	< 6.8.8.1-59.1	6.8.8.1-59.1	Mar 23, 2017	Directory traversal vulnerability in magick/module.c in ImageMagick 6.9.4-7 allows remote attackers to load arbitrary modules via unspecified vectors.
CVE-2016-10046	Med	5.5	< 6.8.8.1-59.1	6.8.8.1-59.1	Mar 23, 2017	Heap-based buffer overflow in the DrawImage function in magick/draw.c in ImageMagick before 6.9.5-5 allows remote attackers to cause a denial of service (application crash) via a crafted image file.
CVE-2014-9848	Hig	7.5	< 6.8.8.1-54.1	6.8.8.1-54.1	Mar 20, 2017	Memory leak in ImageMagick allows remote attackers to cause a denial of service (memory consumption).
CVE-2017-6502	Med	5.5	< 6.8.8.1-70.1	6.8.8.1-70.1	Mar 6, 2017	An issue was discovered in ImageMagick 6.9.7. A specially crafted webp file could lead to a file-descriptor leak in libmagickcore (thus, a DoS).
CVE-2016-10070	Med	5.5	< 6.8.8.1-59.1	6.8.8.1-59.1	Mar 3, 2017	Heap-based buffer overflow in the CalcMinMax function in coders/mat.c in ImageMagick before 6.9.4-0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted mat file.

CVE-2017-7606MedApr 9, 2017
affected < 6.8.8.1-70.1fixed 6.8.8.1-70.1
coders/rle.c in ImageMagick 7.0.5-4 has an "outside the range of representable values of type unsigned char" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image
CVE-2017-5511CriMar 24, 2017
affected < 6.8.8.1-59.1fixed 6.8.8.1-59.1
coders/psd.c in ImageMagick allows remote attackers to have unspecified impact by leveraging an improper cast, which triggers a heap-based buffer overflow.
CVE-2017-5510HigMar 24, 2017
affected < 6.8.8.1-59.1fixed 6.8.8.1-59.1
coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds write.
CVE-2017-5508MedMar 24, 2017
affected < 6.8.8.1-59.1fixed 6.8.8.1-59.1
Heap-based buffer overflow in the PushQuantumPixel function in ImageMagick before 6.9.7-3 and 7.x before 7.0.4-3 allows remote attackers to cause a denial of service (application crash) via a crafted TIFF file.
CVE-2017-5507HigMar 24, 2017
affected < 6.8.8.1-59.1fixed 6.8.8.1-59.1
Memory leak in coders/mpc.c in ImageMagick before 6.9.7-4 and 7.x before 7.0.4-4 allows remote attackers to cause a denial of service (memory consumption) via vectors involving a pixel cache.
CVE-2017-5506HigMar 24, 2017
affected < 6.8.8.1-59.1fixed 6.8.8.1-59.1
Double free vulnerability in magick/profile.c in ImageMagick allows remote attackers to have unspecified impact via a crafted file.
CVE-2016-10146HigMar 24, 2017
affected < 6.8.8.1-59.1fixed 6.8.8.1-59.1
Multiple memory leaks in the caption and label handling code in ImageMagick allow remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
CVE-2016-10145CriMar 24, 2017
affected < 6.8.8.1-59.1fixed 6.8.8.1-59.1
Off-by-one error in coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via vectors related to a string copy.
CVE-2016-10144CriMar 24, 2017
affected < 6.8.8.1-59.1fixed 6.8.8.1-59.1
coders/ipl.c in ImageMagick allows remote attackers to have unspecific impact by leveraging a missing malloc check.
CVE-2016-9556MedMar 23, 2017
affected < 6.8.8.1-54.1fixed 6.8.8.1-54.1
The IsPixelGray function in MagickCore/pixel-accessor.h in ImageMagick 7.0.3-8 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a crafted image file.
CVE-2016-10059HigMar 23, 2017
affected < 6.8.8.1-59.1fixed 6.8.8.1-59.1
Buffer overflow in coders/tiff.c in ImageMagick before 6.9.4-1 allows remote attackers to cause a denial of service (application crash) or have unspecified other impact via a crafted TIFF file.
CVE-2016-10052HigMar 23, 2017
affected < 6.8.8.1-59.1fixed 6.8.8.1-59.1
Buffer overflow in the WriteProfile function in coders/jpeg.c in ImageMagick before 6.9.5-6 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
CVE-2016-10051HigMar 23, 2017
affected < 6.8.8.1-59.1fixed 6.8.8.1-59.1
Use-after-free vulnerability in the ReadPWPImage function in coders/pwp.c in ImageMagick 6.9.5-5 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file.
CVE-2016-10050HigMar 23, 2017
affected < 6.8.8.1-59.1fixed 6.8.8.1-59.1
Heap-based buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.9.4-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted RLE file.
CVE-2016-10049HigMar 23, 2017
affected < 6.8.8.1-59.1fixed 6.8.8.1-59.1
Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick before 6.9.4-4 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted RLE file.
CVE-2016-10048HigMar 23, 2017
affected < 6.8.8.1-59.1fixed 6.8.8.1-59.1
Directory traversal vulnerability in magick/module.c in ImageMagick 6.9.4-7 allows remote attackers to load arbitrary modules via unspecified vectors.
CVE-2016-10046MedMar 23, 2017
affected < 6.8.8.1-59.1fixed 6.8.8.1-59.1
Heap-based buffer overflow in the DrawImage function in magick/draw.c in ImageMagick before 6.9.5-5 allows remote attackers to cause a denial of service (application crash) via a crafted image file.
CVE-2014-9848HigMar 20, 2017
affected < 6.8.8.1-54.1fixed 6.8.8.1-54.1
Memory leak in ImageMagick allows remote attackers to cause a denial of service (memory consumption).
CVE-2017-6502MedMar 6, 2017
affected < 6.8.8.1-70.1fixed 6.8.8.1-70.1
An issue was discovered in ImageMagick 6.9.7. A specially crafted webp file could lead to a file-descriptor leak in libmagickcore (thus, a DoS).
CVE-2016-10070MedMar 3, 2017
affected < 6.8.8.1-59.1fixed 6.8.8.1-59.1
Heap-based buffer overflow in the CalcMinMax function in coders/mat.c in ImageMagick before 6.9.4-0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted mat file.

Page 13 of 14